Firewall Verification and Redundancy Checking Are Equivalent

A firewall is a packet filter that is placed at the entrance of a private network. It checks the header fields of each incoming packet into the private network and decides, based on the specified rules in the firewall, whether to accept the packet and allow it to proceed or to discard the packet. To validate the correctness and effectiveness of the rules in a firewall, the firewall rules are usually subjected to two types of analysis: verification and redundancy checking. Verification is used to verify that the rules in a firewall accept all packets that should be accepted and discard all packets that should be discarded.

Provided by: Institute of Electrical and Electronics Engineers Topic: Security Date Added: Mar 2011 Format: PDF

Find By Topic